Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/jiXdghLvgHXsnCG-y1SvzKeY0pw.roa
File: jiXdghLvgHXsnCG-y1SvzKeY0pw.roa (raw, json)
Hash identifier: 6rMWklmsXb/x+9hL46wd8fXbMJYVNvePPae+vTxpcJQ=
Subject key identifier: 8E:25:DD:82:12:EF:80:75:EC:9C:21:BE:CB:54:AF:CC:A7:98:D2:9C
Certificate issuer: /CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Certificate serial: 01856BDC8390C68CC26002C70A94AE5B78B6
Authority key identifier: 29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/jiXdghLvgHXsnCG-y1SvzKeY0pw.roa
Signing time: Sun 01 Jan 2023 05:44:51 +0000
ROA not before: Sun 01 Jan 2023 05:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51698
IP address blocks: 91.227.152.0/24 maxlen: 24
91.227.152.0/23 maxlen: 23
91.227.153.0/24 maxlen: 24
178.159.254.0/23 maxlen: 23
178.159.254.0/24 maxlen: 24
178.159.255.0/24 maxlen: 24
185.65.138.0/23 maxlen: 24
178.159.248.0/21 maxlen: 21
178.159.250.0/23 maxlen: 23
178.159.250.0/24 maxlen: 24
178.159.251.0/24 maxlen: 24
178.159.252.0/24 maxlen: 24
178.159.252.0/23 maxlen: 23
178.159.253.0/24 maxlen: 24
178.159.248.0/23 maxlen: 23
185.47.154.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jul 2023 07:37:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:83:90:c6:8c:c2:60:02:c7:0a:94:ae:5b:78:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2901f5019a970ba5be0c754d20f78671818f4a2e
Validity
Not Before: Jan 1 05:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e25dd8212ef8075ec9c21becb54afcca798d29c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:13:89:ec:f0:13:41:6c:8b:59:01:2f:13:57:
45:55:bb:0b:64:18:9b:35:43:bf:cf:88:8b:43:22:
10:99:fa:b0:f6:6e:71:46:a9:cf:6f:ee:77:b0:1b:
33:c9:56:ef:7e:cf:f5:c5:05:35:8e:c6:6a:e6:d1:
2a:2d:da:89:1f:ca:bf:2b:80:ef:31:2e:a4:e5:d7:
ce:d8:82:bb:78:2d:a1:5f:01:c2:8d:f2:5b:af:99:
40:67:fb:f7:9a:f8:19:66:51:47:99:b1:9f:8e:96:
f4:63:dd:c6:62:72:d0:09:be:85:01:eb:a0:46:a3:
0f:dd:9b:19:bc:a6:49:b3:b1:ba:69:0c:94:84:f3:
2d:a7:27:58:43:46:0f:a8:b7:85:7a:de:0e:ac:fe:
7a:28:f5:b8:f2:d0:8a:28:da:9a:98:b7:94:80:29:
ec:34:34:7c:d5:7c:41:09:6a:ff:0a:10:c5:63:e3:
47:64:75:0d:32:3b:3e:c7:a3:c5:c4:96:70:1e:91:
7e:59:4e:90:a1:e9:56:4d:0a:d2:00:1d:b6:49:b8:
52:d8:ae:4b:42:73:f1:37:fb:6c:c2:87:f6:b7:49:
12:34:50:d2:98:73:04:07:1c:6a:2b:fc:1a:ea:47:
cb:88:53:a4:ac:a4:de:02:9d:38:7d:9b:2a:07:c7:
c7:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:25:DD:82:12:EF:80:75:EC:9C:21:BE:CB:54:AF:CC:A7:98:D2:9C
X509v3 Authority Key Identifier:
keyid:29:01:F5:01:9A:97:0B:A5:BE:0C:75:4D:20:F7:86:71:81:8F:4A:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQH1AZqXC6W-DHVNIPeGcYGPSi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/jiXdghLvgHXsnCG-y1SvzKeY0pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/27b62e-3639-4e74-affe-2b2f2b8908cc/1/KQH1AZqXC6W-DHVNIPeGcYGPSi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.227.152.0/23
178.159.248.0/21
185.47.154.0/23
185.65.138.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:a5:87:48:89:7f:87:3f:1e:be:20:c9:e4:62:90:d6:5b:23:
1c:43:69:f0:70:28:f6:db:30:be:e8:e5:25:c2:67:08:92:21:
48:e7:74:67:d3:82:55:4f:3f:07:6e:e0:c5:72:e5:c3:84:7a:
d9:69:8a:cf:cc:3e:d2:09:d8:4b:8e:61:78:96:bb:ae:fd:e0:
8c:0f:ff:91:e5:5d:40:8c:53:71:b5:40:1b:25:88:70:99:47:
98:b5:2b:cd:33:fb:18:33:c1:b8:76:b4:1e:84:d2:73:23:9b:
5f:6e:7c:ce:8b:86:9c:53:09:de:ce:46:1e:97:bb:79:79:d9:
3e:84:47:ae:1e:88:20:ca:ea:4c:57:df:49:2d:a2:01:94:4b:
21:06:26:a8:be:f2:28:37:48:90:ae:ef:d0:7b:8c:bf:fd:ca:
43:8c:7d:75:d5:f9:5c:da:2b:af:2f:03:0e:77:30:f3:df:d0:
dd:c9:54:ac:ae:40:b8:fe:2d:33:3a:4f:ff:99:e6:36:40:85:
6d:bb:c2:29:e3:61:9d:d0:7b:d1:db:65:3b:7d:c8:a3:a3:a1:
4c:0c:f4:fd:9e:6f:5e:3c:c1:88:a2:bf:95:0b:ba:3b:de:ef:
93:8a:e7:d0:49:5a:89:89:c2:5f:85:4f:df:63:9f:73:3a:46:
81:ac:c3:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVr3IOQxozCYALHCpSuW3i2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDFmNTAxOWE5NzBiYTViZTBjNzU0ZDIwZjc4NjcxODE4
ZjRhMmUwHhcNMjMwMTAxMDU0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTI1ZGQ4MjEyZWY4MDc1ZWM5YzIxYmVjYjU0YWZjY2E3OThkMjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghOJ7PATQWyLWQEvE1dFVbsLZBib
NUO/z4iLQyIQmfqw9m5xRqnPb+53sBszyVbvfs/1xQU1jsZq5tEqLdqJH8q/K4Dv
MS6k5dfO2IK7eC2hXwHCjfJbr5lAZ/v3mvgZZlFHmbGfjpb0Y93GYnLQCb6FAeug
RqMP3ZsZvKZJs7G6aQyUhPMtpydYQ0YPqLeFet4OrP56KPW48tCKKNqamLeUgCns
NDR81XxBCWr/ChDFY+NHZHUNMjs+x6PFxJZwHpF+WU6QoelWTQrSAB22SbhS2K5L
QnPxN/tswof2t0kSNFDSmHMEBxxqK/wa6kfLiFOkrKTeAp04fZsqB8fHMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFI4l3YIS74B17JwhvstUr8ynmNKcMB8GA1UdIwQY
MBaAFCkB9QGalwulvgx1TSD3hnGBj0ouMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUt
MmIyZjJiODkwOGNjLzEvamlYZGdoTHZnSFhzbkNHLXkxU3Z6S2VZMHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yN2I2MmUtMzYzOS00ZTc0LWFmZmUtMmIyZjJiODkwOGNj
LzEvS1FIMUFacVhDNlctREhWTklQZUdjWUdQU2k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+OYAwQD
sp/4AwQBuS+aAwQBuUGKMA0GCSqGSIb3DQEBCwUAA4IBAQA9pYdIiX+HPx6+IMnk
YpDWWyMcQ2nwcCj22zC+6OUlwmcIkiFI53Rn04JVTz8HbuDFcuXDhHrZaYrPzD7S
CdhLjmF4lruu/eCMD/+R5V1AjFNxtUAbJYhwmUeYtSvNM/sYM8G4drQehNJzI5tf
bnzOi4acUwnezkYel7t5edk+hEeuHoggyupMV99JLaIBlEshBiaovvIoN0iQru/Q
e4y//cpDjH111flc2iuvLwMOdzDz39DdyVSsrkC4/i0zOk//meY2QIVtu8Ip42Gd
0HvR22U7fcijo6FMDPT9nm9ePMGIor+VC7o73u+TiufQSVqJicJfhU/fY59zOkaB
rMPw
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:41 2024 by rpki-client on console-ams.rpki-client.org